package com.jia.chenjiaweb.config.shiroConfig;

import com.jia.chenjiaweb.config.realm.AuthRealm;
import com.jia.chenjiaweb.config.realm.RedisCacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

@Configuration
public class ShiroConfig {

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        bean.setSecurityManager(securityManager);
        //提供登录到url
        bean.setLoginUrl("/");
        //提供登陆成功的url
        bean.setSuccessUrl("/index");
        // 权限认证失败，则跳转到指定页面
        bean.setUnauthorizedUrl("/unauthorized");
        // 身份认证失败，则跳转到登录页面的配置
        bean.setLoginUrl("/");
        /*
         * 可以看DefaultFilter,这是一个枚举类，定义了很多的拦截器authc,anon等分别有对应的拦截器
         * */
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/login", "anon");
        filterChainDefinitionMap.put("/", "anon");
        filterChainDefinitionMap.put("/loginUser", "anon");
        filterChainDefinitionMap.put("/register", "anon");
        filterChainDefinitionMap.put("/druid/**", "anon");//所有的druid请求，不需要拦截，anon对应的拦截器不会进行拦截
        filterChainDefinitionMap.put("/index", "authc");//代表着前面的url路径，用后面指定的拦截器进行拦截
//        filterChainDefinitionMap.put("/**", "user");//所有的路径都拦截，被UserFilter拦截，这里会判断用户有没有登陆
        bean.setFilterChainDefinitionMap(filterChainDefinitionMap);//设置一个拦截器链

        bean.setFilterChainDefinitionMap(filterChainDefinitionMap);//设置一个拦截器链
        return bean;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(Realm authRealm) {
        //这个DefaultWebSecurityManager构造函数,会对Subject，realm等进行基本的参数注入
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(authRealm);//往SecurityManager中注入Realm，代替原本的默认配置
        return manager;

    }

    //自定义的Realm
    @Bean
    public Realm authRealm() {
        AuthRealm authRealm = new AuthRealm();
//        //修改凭证校验匹配器
//        HashedCredentialsMatcher credentialsMatcher=new HashedCredentialsMatcher();
//        //设置算法为MD5
//        credentialsMatcher.setHashAlgorithmName("MD5");
//        //设置散列次数
//        credentialsMatcher.setHashIterations(1024);
//        authRealm.setCredentialsMatcher(credentialsMatcher);


        //开启本地缓存管理
//        authRealm.setCacheManager(new EhCacheManager());

        //开启redis缓存管理  调用不起来 todo 待解决
//        authRealm.setCacheManager(new RedisCacheManager());
//        authRealm.setCachingEnabled(true);//开启全局缓存
//        authRealm.setAuthenticationCachingEnabled(true);//认证缓存
//        authRealm.setAuthenticationCacheName("authenticationCacheName");
//        authRealm.setAuthorizationCachingEnabled(true);//授权缓存
//        authRealm.setAuthorizationCacheName("authorizationCacheName");

        return authRealm;
    }
}
